W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

Re: Trusted Proxy Alternatives Analysis

From: Salvatore Loreto <salvatore.loreto@ericsson.com>
Date: Sun, 9 Feb 2014 14:05:16 +0000
To: Peter Lepeska <bizzbyster@gmail.com>
CC: Frode Kileng <frodek@tele.no>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <B0C58AFE-E48A-4F6D-987C-95558871FCDF@ericsson.com>

On Feb 7, 2014, at 8:46 PM, Peter Lepeska <bizzbyster@gmail.com<mailto:bizzbyster@gmail.com>> wrote:

Do we really think it's realistic that all of this content could be served by a single, or a small number of reverse proxy / CDNs?

I don't think it is realistic, especially for the really small content providers (if it is correct to define them so) as the bloggers
or the people that at moment they have their own personal web site 
as we are implying that not only they should switch to support TLS (that can be a good thing for them, and for the Internet in general)
but we would also force them to partner with a CND operators

Do we even want a single or a small number of CDN operators to have the private keys for all content on the Internet?

That level of centralization might be seen as a step backwards in security terms.

Hope this isn't too much of a digression -- my main point is just that CDNs are an inadequate replacement technology for forward proxies in many cases.

I tend to agree that CDN is not a panacea,
CDN can be improve the situation in some case, but we have to be realistic here
and admit that it can be used as forward proxies replacement only in a really small part of
all the use cases where the forwarded proxy are used nowadays

Received on Sunday, 9 February 2014 14:05:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:24 UTC